Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

Security: Rogue Device Attacks

Date and Time

Wednesday, December 19, 2018 from 6:30 pm to 9:00 pm

Location

MIT Building E-51, Room 315

Presenters

Federico Lucifredi - flucifredi acm org

Summary

A live demonstration of hacking with keystroke injection attacks

Abstract

We will be taking advantage of the inherent trust that computers place in what is believed to be a regular keyboard to unleash pre-programmed keystroke payloads at well over 1000 words a minute. We access the host system and bypass traditional security countermeasures for payloads that can include reverse shells, binary injection, brute force password attacks, and just about any attack that can be fully automated.

In this session we explore the fundamentals of attacks exploiting the trust the operating system places in USB human-interaction devices to demonstrate once again the old principle that if you can physically access a computing device, there is no real security to be had. I will review the hardware, its capabilities, how it can be used to breach OS security, and how attackers can enable it to perform a variety of nefarious tasks with its own suite of tools. I will then show how to build and install additional software and customize the device with binary or scripted payloads.

After exploring the building blocks of USB HID exploitation, we take the discussion to the next level by altogether removing the need for a device and exploring what attacks can be delivered directly by a plain USB cable. We dissect an easily-sourced, low-cost hardware implant embedded in a standard, innocent-looking USB cable providing an attacker with further capabilities, including among them the ability to track its own geolocation.

Clearly, complete control of a covert computer running with full system access can be used in a variety of network security attack scenarios that need to be accounted for in your threat model. We'll discuss applicable security countermeasures.

Use your newfound knowledge for good: with great power comes great responsibility!

Bio

Federico Lucifredi is the Ceph Storage Product Management Director at Red Hat, formerly the Ubuntu Server PM at Canonical, and the Linux “Systems Management Czar” at SUSE.

BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org